Internet connection speed issue: Iminent?

[Jitter]

The current logs are not showing an infection. I would suggest possibly getting the latest network drivers for your network card and install them and see if that makes any difference.

I talked to Intel earlier. At their suggestion I removed the existing NIC software and installed the most recent version already.

 

I want to thank you very much for all the work you have done helping me. I have learned much even though the one, odd problem persists. It is at least comforting to know I don't seem to have an active malware infection.

 

I still wonder about some lingering Registry keys. I still have three sub-keys that refer to folder locations for "Iminent" but that folder no longer exist nor does any "Iminent" software. Can I assume it's all right to delete these Registry entries?

 

Also, another POS came along with the former arrival of "Iminent" on my system, that being "Coupon Companion" and I still have keys relating to that. I'll post them here for you to see:

 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Coupon Companion Plugin_RASAPI32

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Coupon Companion Plugin_RASMANCS

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Coupon Companion Plugin-InternalInstaller_RASAPI32

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Coupon Companion Plugin-InternalInstaller_RASMANCS

This following key contains AppData and AppPath sub-keys also relating to "Coupon Companion". That path is also nonexistent and there is no Coupon Companion software on my system:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181104}

 

All other "Iminent" keys appear to be gone and there were quite a few.

 

 

After running DelFix I have just one of our programs left; ERUNT, which is fully installed in Windows. Shall I go ahead and uninstall it?

 

DelFix

 

# DelFix v10.7 - Logfile created 17/06/2014 at 23:05:15

# Updated 27/04/2014 by Xplode

# Username : Jake Fin - JAKEFIN

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox

Deleted : C:\FRST

Deleted : C:\AdwCleaner

Deleted : C:\ComboFix.txt

Deleted : C:\Users\Jake Fin\Desktop\Addition.txt

Deleted : C:\Users\Jake Fin\Desktop\adwcleaner_3.212.exe

Deleted : C:\Users\Jake Fin\Desktop\ComboFix.exe

Deleted : C:\Users\Jake Fin\Desktop\FRST.txt

Deleted : C:\Users\Jake Fin\Desktop\FRST64.exe

Deleted : C:\Users\Jake Fin\Desktop\JRT.exe

Deleted : C:\Users\Jake Fin\Desktop\JRT.txt

Deleted : C:\Users\Jake Fin\Desktop\MiniToolBox.exe

Deleted : C:\Users\Jake Fin\Desktop\Result.txt

Deleted : C:\Users\Jake Fin\Desktop\rkill.exe

Deleted : C:\Users\Jake Fin\Desktop\Rkill.txt

Deleted : C:\Users\Jake Fin\Desktop\RogueKillerX64.exe

Deleted : C:\Users\Jake Fin\Desktop\TFC.exe

Deleted : C:\Windows\grep.exe

Deleted : C:\Windows\PEV.exe

Deleted : C:\Windows\NIRCMD.exe

Deleted : C:\Windows\MBR.exe

Deleted : C:\Windows\SED.exe

Deleted : C:\Windows\SWREG.exe

Deleted : C:\Windows\SWSC.exe

Deleted : C:\Windows\SWXCACLS.exe

Deleted : C:\Windows\Zip.exe

Deleted : HKLM\SOFTWARE\OldTimer Tools

Deleted : HKLM\SOFTWARE\AdwCleaner

Deleted : HKLM\SOFTWARE\Swearware

Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Creating registry backup ... OK

########## - EOF - ##########

 

[AdvancedSetup]

Yes you can manually remove those keys but let me have you read the following just so you're aware that leaving those keys will not affect speed or security of the computer.
 

Do I need a Windows Registry Cleaner?

ERUNT is actually a pretty nice little tool to keep on hand and create backups of your registry from time to time (sort of like System Restore) but these are full hives and even if System Restore breaks or can't restore you can still restore a hive file so up to you if you want to keep or remove it.

 

You could try adding in a new network card. Cost is about $40? and see if that corrects the issue for you.

[Jitter]

You could try adding in a new network card. Cost is about $40? and see if that corrects the issue for you.

My motherboard does have an onboard network adapter, also an Intel part. I used that for the first 6 months of this computer's life but I started to feel I was had a slow-ping issue; two other computers connecting through the same hardware here were getting much better ping times than my main computer. At that time I installed a new PCIe Intel network adapter and though it didn't solve the ping issue it worked fine so I kept using it. Since that time the slow-ping issue has dissipated, maybe due to steps I took or maybe due to computer gremlins, but my ping times are fine now.

 

When this new problem surfaced I tried switching back to the onboard NIC to see if that would help but this problem persisted on both NICs. I am currently using the PCIe part now.

 

Over at Microsoft at least one helper seems to think I should create a new personal user account and port my files over to it and see if that doesn't solve the problem since it has already been shown that the Guest account does not suffer from this issue. Since I don't have anything to lose by trying that I suppose it's worth the effort but I'm a bit weary of the fight for now, and my workaround is a simple one.

 

What I really want to find out is how the loading of my user account can affect my Internet connection speed and why simply disabling/re-enabling the network adapter reverses that affect. It's as if some software setting or preference executed during the load of the user account is doing it but if Intel doesn't know what that could be it's certainly over my head.

 

Again, I'm very grateful for all the help, thank you.

[AdvancedSetup]

You don't need to move files and folders etc to test a new account. Simply go into the control panel, users and create a new user. Then log off and log back on as that new user (make sure the new user has admin rights) and see if it works or not. Try restarting the computer as well and check again and let me know.

[Jitter]

I created a new user account with admin privileges. I rebooted and logged on to the new user account. To my surprise it acted exactly like my old, regular user account with a drastically slowed connection speed at 2/2. I logged off then logged on to the Guest account which does not have admin. privilege. Internet connection came in at full speed (28/5). I logged off then logged on to my old user account and Internet speed was back down to 2/2. Then after my workaround (turn off/on network adapter) connection speed was back up to my normal 28/5.

 

I went and turned off the admin privilege for the new test user account and after my next boot I'll test it to see if it connects at full speed right away like the Guest account does. I guess it is now possible the problem is narrowed down to happening only when administrator privileges are loaded, if that makes any sense.

 

Oddly, the "slowed" connection speed varies a lot more than my full speed does. Sometimes its 2/2, but sometimes it's 1.7/1.8, 2/4, 1.7/5, or even higher at 6/3. Makes no sense.

[Jitter]

I rebooted and logged on to the new test user account (now with administrator privilege turned off). Internet connection speed came in at 28.48 down, 6.02 up. I logged off and then back on to my old admin user account; speed was 1.81 down, 1.94 up. After my workaround it was back up to normal.

 

It's creepy. Since the new user account was pristine it can't have anything to do with settings made or corruption of the account.

 

If you wanted to produce this effect, a choked connection speed, can you think of a network adapter setting you could change in order to do it?

[AdvancedSetup]

You could possibly try this tool

 

http://www.dslreports.com/tweaks

 

You could also search and/or post on their forums which has a lot of knowledge and experience with networking issues.

[Jitter]

Thanks. I already opened a thread there and took the liberty of sharing the results of our investigation with them. So far nobody has recognized the symptoms. It's been a while since I ran any of there tweaking tools so I will have an updated peek at those.

[AdvancedSetup]

Sorry I can't be of much further help there but just don't have time for all issues and the site is mainly for malware detection and removal which your system appears to be clean.

 

At this time there are no more signs of an infection on your system.
However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
 
Download Delfix from here and save it to your desktop. (you may already have this)

• Ensure Remove disinfection tools is checked.
• Click the Run button.
• Reboot
  

Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.

Note:
If you used FRST and can't delete the quarantine folder:
Download the fixlist.txt to the same folder as FRST.exe.
Run FRST.exe and click Fix only once and wait
That will delete the quarantine folder created by FRST.
The rest you can manually delete.
 
 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

• How Malware Spreads - How did I get infected
• Best Practices for Safe Computing - Prevention of Malware Infection
• Avoiding those unwanted free applications
• A close look at how Oracle installs deceptive software with Java updates
• IAC / Ask.com toolbars
• Malwarebytes Unpacked Blog
  

If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.
 

[Jitter]

I understand. If I ever solve this I'll come back and post the solution in case anybody else runs into this issue.

 

Thanks again for all the help.

[AdvancedSetup]

Good luck and take care.

[AdvancedSetup]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.